How to protect against modern phishing attacks like Evilginx
Phishing attacks are wreaking havoc across businesses - Using modern phishing techniques, malicious actor(s) can even bypass most MFA methods!
How malicious actors can easily impersonate your voice
Retrieval-based-Voice-Conversion (RVC) using Machine Learning AI is becomingly increasingly accurate. This will
EvilQR Phishing / QRLJacking
QR codes are designed for usability, not security. Using QRLJacking, a victim can unknowingly grant access to their account by scanning a QR code.
Evilginx - Bypassing MFA, phishing is back on the menu
MFA is secure… Unless it’s bypassed.
KeePass Master Password Exploit - CVE-2023-32784 - Proof Of Concept (POC)
Another day, another CVE. It is possible to recover the master password in cleartext for KeePass. Write up, examples and a POC to demonstrate CVE-2023-32784
NoVNC and Browser In The Browser Phishing attack POC/Explained
Combining two advanced phishing techniques
Browser In The Browser (BITB) Attack - POC
Browser In The Browser (BITB) phishing attacks are less common but very effective when used. They’re hard to identify and easy to setup!
Microsoft 365 Security Hardening Guide
Office 365 is widely used however, is rarely configured to best practices which can allow a multitude of attacks/exploitation.
Use this security hardening guide.
Follina - Proof Of Concept - CVE-2022-30190
The new RCE Microsoft Office exploit in action!
My first BurpSuite Vulnerability using Intercept
My first time using BurpSuite Intercept and I found a vulnerability which allows me to change the price of items and checkout.
How to deploy AutoElevate via Azure/Intune
How to deploy AutoElevate via Intune using Endpoint manager
Force Outlook for Mobile via Conditional access
How to force mobile devices to use the Outlook App instead of their native apps.
O365 - How to create Data Subject Request for GDPR
How to create a DSR Case within Office 365
How to change calendar permissions for O365 via Powershell
Some useful scripts to change calendar permissions via Powershell with efficiency and very little effort.
How to connect to your Office 365 Tenant via Powershell
A guide for users/admins to connect to their Office 365 environment with Powershell.
How to check Shared mailbox’s Access Rights via Powershell
How to check Shared mailbox’s Access Rights via .csv with Powershell. Useful for checking permissions without having to go through the office.com admin/exchange interface.
How to check mailbox rules in O365
How to search the mailbox rules on your tenant per user, via Powershell. Great for finding what rules have been setup via the Client/Webapp.